Summary
Zen Cart is prone to an information-disclosure vulnerability because it fails to sufficiently sanitize user-supplied data.
An attacker can exploit this issue to view local files in the context of the webserver process. This may allow the attacker to obtain sensitive information
other attacks are also possible.
References
Severity
Classification
-
CVE CVE-2009-4321 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- 123 Flash Chat Multiple Security Vulnerabilities
- Apache Rave User Information Disclosure Vulnerability
- Apache Tomcat SecurityConstraints Security Bypass Vulnerability
- Apache Web Server Linefeed Memory Allocation Denial Of Service Vulnerability
- Allegro RomPager HTTP Referer Header Cross Site Scripting Vulnerability